From 81e4f0a4b0c0a6693c92043d6447f8cf26fdc460 Mon Sep 17 00:00:00 2001
From: Zamil Majdy <zamil.majdy@agpt.co>
Date: Tue, 10 Feb 2026 12:18:43 +0400
Subject: [PATCH] fix(mcp): Refresh expired OAuth tokens before tool discovery

The discover_tools endpoint was reading raw access tokens from stored
credentials without checking if they had expired. This caused users
to be prompted to re-authenticate every time the token expired (~1h).

Now uses creds_manager.refresh_if_needed() to transparently refresh
expired tokens before using them.
---
 autogpt_platform/backend/backend/api/features/mcp/routes.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/autogpt_platform/backend/backend/api/features/mcp/routes.py b/autogpt_platform/backend/backend/api/features/mcp/routes.py
index 2aecad5ae8..14bd541b2d 100644
--- a/autogpt_platform/backend/backend/api/features/mcp/routes.py
+++ b/autogpt_platform/backend/backend/api/features/mcp/routes.py
@@ -98,6 +98,8 @@ async def discover_tools(
                     ):
                         best_cred = cred
             if best_cred:
+                # Refresh the token if expired before using it
+                best_cred = await creds_manager.refresh_if_needed(user_id, best_cred)
                 logger.info(
                     f"Using MCP credential {best_cred.id} for {request.server_url}, "
                     f"expires_at={best_cred.access_token_expires_at}"